Failed to create secret Post "http://localhost:8080/api/v1/namespaces/keycloak-test/secrets?fieldManager=kubectl-create&fieldValidation=Strict"

I am new to Kubernetes. I just trying to create a tls secret using kubectl. My ultimate goal is deploy a keycloak cluster in kubernetes.

So I follow this youtube tutorial. But in this tutorial doesn't mention how to generate my own tls key and tls cert. So to do that I use this documentation (https://www.linode.com/docs/guides/create-a-self-signed-tls-certificate/).

Then I could generate MyCertTLS.crt and MyKeyTLS.key
<pre><font color="#8AE234"><b>gayan@Gayan</b></font>:<font color="#729FCF"><b>/srv</b></font>$ cd certs
<font color="#8AE234"><b>gayan@Gayan</b></font>:<font color="#729FCF"><b>/srv/certs</b></font>$ ls
MyCertTLS.crt MyKeyTLS.key
</pre>

To create secret key for the kubernetes, I ran this command

sudo kubectl create secret tls my-tls --key="MyKeyTLS.key" --cert="MyCertTLS.crt" -n keycloak-test


But It's not working, I got this error,
<pre><font color="#8AE234"><b>gayan@Gayan</b></font>:<font color="#729FCF"><b>/srv/certs</b></font>$ sudo kubectl create secret tls my-tls --key=&quot;MyKeyTLS.key&quot; --cert=&quot;MyCertTLS.crt&quot; -n keycloak-test
[sudo] password for gayan:
error: failed to create secret Post &quot;http://localhost:8080/api/v1/namespaces/keycloak-test/secrets?fieldManager=kubectl-create&amp;fieldValidation=Strict&quot;: dial tcp 127.0.0.1:8080: connect: connection refused
</pre>

<B>Note</B>: <br>
MiniKube is Running...<br>
And Ingress Addon also enabled...<br>
I have created a namespace called keycloak-test.
<pre><font color="#8AE234"><b>gayan@Gayan</b></font>:<font color="#729FCF"><b>/srv/keycloak</b></font>$ kubectl get namespaces
NAME STATUS AGE
default Active 3d19h
ingress-nginx Active 119m
keycloak-test Active 4m12s
kube-node-lease Active 3d19h
kube-public Active 3d19h
kube-system Active 3d19h
kubernetes-dashboard Active 3d19h
</pre>

I am trying to fix this error. But I have no idea why I get this, looking for a solution from the genius community.

I figured this out! I posted this, because this may helpful for someone.

I am getting that error,

error: failed to create secret Post "http://localhost:8080/api/v1/namespaces/keycloak-test/secrets?fieldManager=kubectl-create&fieldValidation=Strict": dial tcp 127.0.0.1:8080: connect: connection refused

Because my kubernetes api-server is running on a different port.

You can view what port your kubernetes api-server is running by running this command,

kubectl config view

Then for example, if you can see server: localhost:40475 like that, It's mean your server running on port 40475.

And kubernetes default port is 8443

Then you should mention the correct port on your kubectl command to create the secret.

So, I add --server=https://localhost:40475 to my command.

kubectl create secret tls my-tls --key="tls.key" --cert="tls.crt" -n keycloak-test --server=https://localhost:40475

And another thing, if you getting error like permission denied

You have to change the ownership of your tls.key file and tls.crt file.

I did this by running these commands,

sudo chmod 666 tls.crt

sudo chmod 666 tls.key

Then you should run above kubectl command, without sudo! It works !!!!!!
If you run that command with sudo, It will ask username and passwords and it confused me and it did not work.

So, by doing this way, I solved this issue!
Hope this will help to someone!!! Thanks!

In your examples, kubectl get namespaces works, but sudo kubectl create secret doesn't.

You don't need sudo to work with Kubernetes. In particular, the connection information is stored in a $HOME/.kube/config file by default, but when you sudo kubectl ..., that changes the home directory and you can't find the connection information.

The standard Kubernetes assumption is that the cluster is remote, and so your local user ID doesn't really matter to it. All that does matter is the Kubernetes-specific permissions assigned to the user that's accessing the cluster.